Subject: Mitigating CVE-2024-28987: Hardcoded Credentials Vulnerability in SolarWinds Web Help Desk
Tech Stack: SolarWinds Web Help Desk (WHD)
Date(s) Issued:
Criticality:
Vulnerability:
The SolarWinds Web Help Desk (WHD) version installed on the remote host is affected by a hardcoded credential vulnerability. Versions prior to 12.8.3 Hotfix 2 contain hardcoded credentials that allow remote, unauthenticated attackers to access internal functionality, potentially enabling them to execute arbitrary commands on the host machine.
Affected Versions:
Exploitation:
Remote attackers can exploit this vulnerability without authentication by leveraging the hardcoded credentials to gain access to internal functionality and execute commands or modify system data.
Impact:
If successfully exploited, this vulnerability allows an attacker to compromise the confidentiality and integrity of the host, including unauthorized access to sensitive data and the ability to run commands. Availability may not be impacted directly, but the severity of the compromise is critical due to the exposure of internal systems.
To address the vulnerability, it is critical to upgrade to SolarWinds Web Help Desk version 12.8.3 Hotfix 2 or later.
If upgrading is not immediately possible, consider the following temporary steps:
While awaiting the full upgrade or as part of a layered defense strategy, implement the following security controls:
Verification: After upgrading or applying mitigation measures, ensure the system no longer has hardcoded credentials by reviewing application logs for any unauthorized access attempts and testing for the vulnerability using security testing tools or penetration tests.
Stay Updated: Regularly monitor for any new security patches or advisories from SolarWinds, especially for Web Help Desk.
Official Resources: